Lucene search
K

437 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:37 a.m.11 views

CVE-2019-7620

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding...

7.5CVSS6.7AI score0.0153EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:33 a.m.8 views

CVE-2019-7612

A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message...

9.8CVSS6.5AI score0.02407EPSS
Exploits0References1
Wolfi
Wolfi
added 2025/12/17 7:48 p.m.4 views

GHSA-84H7-RJJ3-6JX4 vulnerabilities

Vulnerabilities for packages: opensearch, flyway, apache-activemq-artemis, druid, wildfly, zipkin, thingsboard, apicurio-registry, management-api-for-apache-cassandra-5.0, celeborn, kserve-modelmesh, logstash, tez, docker-selenium, keycloak, logstash-input-http, akhq, spark, apache-nifi,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2025/12/17 7:48 p.m.7 views

CVE-2025-67735 vulnerabilities

Vulnerabilities for packages: opensearch, flyway, apache-activemq-artemis, druid, wildfly, zipkin, thingsboard, apicurio-registry, management-api-for-apache-cassandra-5.0, celeborn, kserve-modelmesh, logstash, tez, docker-selenium, keycloak, logstash-input-http, akhq, spark, apache-nifi,...

6.5CVSS6.6AI score0.00292EPSS
Exploits1
Chainguard
Chainguard
added 2025/12/17 7:17 p.m.11 views

CVE-2025-67735 vulnerabilities

Vulnerabilities for packages: apache-pulsar, thingsboard, sonarqube, apache-hop, camunda-zeebe, seata, localstack, management-api-for-apache-cassandra-4.1, tez, keycloak, opensearch-fips, logstash, kayenta-fips, hadoop-fips, management-api-for-apache-cassandra-4.0, neo4j, apicurio-registry,...

6.5CVSS6.6AI score0.00292EPSS
Exploits1
Chainguard
Chainguard
added 2025/12/17 7:17 p.m.7 views

GHSA-84H7-RJJ3-6JX4 vulnerabilities

Vulnerabilities for packages: apache-pulsar, thingsboard, sonarqube, apache-hop, camunda-zeebe, seata, localstack, management-api-for-apache-cassandra-4.1, tez, keycloak, opensearch-fips, logstash, kayenta-fips, hadoop-fips, management-api-for-apache-cassandra-4.0, neo4j, apicurio-registry,...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/31 10:7 p.m.5 views

CVE-2025-34274

Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration...

9.8CVSS7.3AI score0.01893EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/31 12:30 a.m.4 views

EUVD-2025-37221

Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration...

9.3CVSS6.9AI score0.01893EPSS
Exploits0References4
NVD
NVD
added 2025/10/30 10:15 p.m.6 views

CVE-2025-34274

Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration...

9.8CVSS0.01893EPSS
Exploits0References3
OSV
OSV
added 2025/10/30 10:15 p.m.4 views

CVE-2025-34274

Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration...

9.8CVSS6AI score0.01893EPSS
Exploits0References3
CVE
CVE
added 2025/10/30 9:23 p.m.15 views

CVE-2025-34274

Nagios Log Server (pre-2024R2.0.3) contains an execution with unnecessary privileges due to embedding a Logstash process running as root. If an attacker compromises Logstash (e.g., via insecure plugins, pipeline config injection, or input parsing vulnerabilities), they could execute code with roo...

9.8CVSS7AI score0.01893EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/10/30 9:23 p.m.6 views

CVE-2025-34274 Nagios Log Server < 2024R2.0.3 Logstash Process Root Privileges

Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration...

9.3CVSS0.01893EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/30 9:23 p.m.2 views

CVE-2025-34274 Nagios Log Server < 2024R2.0.3 Logstash Process Root Privileges

Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration...

9.3CVSS7AI score0.01893EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.5 views

PT-2025-44517

Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R2.0.3 Description The software runs its embedded Logstash process as the root user, leading to a situation where an attacker compromising the Logstash process could execute code with root privileges,...

9.8CVSS7.1AI score0.01893EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.6 views

Nagios Log Server 安全漏洞

Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A security vulnerability exists in Nagios Log Server versions prior to 2024R2.0.3, which stems from the embedded Logstash process running as root user, which could lead to an attacker...

9.8CVSS6.7AI score0.01893EPSS
Exploits0References3
Wolfi
Wolfi
added 2025/10/15 8:42 p.m.3 views

GHSA-MR3Q-G2MV-MR4Q vulnerabilities

Vulnerabilities for packages: logstash...

7AI score
Exploits0
Wolfi
Wolfi
added 2025/10/15 8:42 p.m.20 views

CVE-2025-61921 vulnerabilities

Vulnerabilities for packages: logstash...

7.5CVSS7AI score0.00458EPSS
Exploits1
Chainguard
Chainguard
added 2025/10/15 8:17 p.m.23 views

CVE-2025-61921 vulnerabilities

Vulnerabilities for packages: gitlab-cng, logstash...

7.5CVSS7AI score0.00458EPSS
Exploits1
Chainguard
Chainguard
added 2025/10/15 8:17 p.m.4 views

GHSA-MR3Q-G2MV-MR4Q vulnerabilities

Vulnerabilities for packages: gitlab-cng, logstash...

5.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-17149

Malware in sbrugna...

9.8CVSS9.2AI score0.02407EPSS
Exploits0References5
Rows per page
Query Builder